Hi there.

I have setup like this:

Gateway (mikrotik) 10.0.0.4
DNS server (same) 10.0.0.4
DNS2 server (Win) 10.0.0.5

now, my clients have gateway 10.0.0.4 and dns 10.0.0.4, but, I want to disable Mikrotiks DNS cache, so I need firewall rulle which will redirect all requests to Windows DNS server, but I repeat I dont' want Mikrotik to be DNS server, and also I dont want to reconfigure all clients manualy so the DNS is 10.0.0.5.

Question is why I don't want Mikrotik as DNS server. Answer is that I think that there is a bug in DNS cache, it is always sending DNS requests to its DNS parrent, and it is consuming too much internet sometimes even 128kbit and here Internet is very expensive .

To redirect DNS requests you should create a dst-nat rule in the firewall section. Example: You should both redirect TCP and UDP packets, as DNS normally uses UDP packets, but for larger requests/replies TCP could get used.

Thanks allot, I'll try this later, I was trying something before, but not nat, redirect and used only TCP, I totaly forgot about UDP :(.